# curl -sSL https://www.blackgate.org/deployment/base_configuration_blackGATE.sh | bash # yum update && yum install nfs-utils yum-utils epel-release # systemctl start rpcbind nfslock && systemctl enable rpcbind nfslock # groupadd usenetserver # mkdir /mnt/blackserv # chgrp -R usenetserver /mnt/blackserv/ && chmod -R 775 /mnt/blackserv/ # vim /etc/fstab
# # /etc/fstab # Created by anaconda on Wed Dec 6 13:07:04 2017 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos_rhdl03-root / xfs defaults 0 0 UUID=a34686fa-4b05-43ed-b3bb-c1d754783bc2 /boot xfs defaults 0 0 UUID=D653-2F5A /boot/efi vfat umask=0077,shortname=winnt 0 0 /dev/mapper/centos_rhdl03-opt /opt xfs defaults 0 0 /dev/mapper/centos_rhdl03-swap swap swap defaults 0 0 10.0.0.21:/volume1/media /mnt/blackserv nfs rw,hard,intr 0 0
# mount -a
# yum -y install https://mirror.webtatic.com/yum/el7/webtatic-release.rpm # yum update # yum install -y wget git tar vim curl policycoreutils-python httpd php71w php71w-dom php71w-mbstring php71w-gd php71w-json \ php71w-xml php71w-zip php71w-curl php71w-mcrypt php71w-pear php71w-opcache # sed -i 's/^/#&/g' /etc/httpd/conf.d/welcome.conf # sed -i 's/DocumentRoot "\/var\/www\/html"/DocumentRoot "\/var\/www\/html\/muximux"/' /etc/httpd/conf/httpd.conf # mkdir /var/www/html/muximux # usermod -a -G apache michael # git clone https://github.com/mescon/Muximux.git /var/www/html/muximux/ # chown -R apache:apache /var/www/html/muximux/ # chmod -R 775 /var/www/html/muximux/ # ls -l /var/www/html/muximux/ # vim /etc/httpd/conf.d/usenet_proxy.conf
ServerName www.blackgate.org ServerTokens Prod ServerSignature Off <Directory /var/www/html/muximux> Options +FollowSymlinks AllowOverride All # Allow open access: Require all granted </Directory> <Location /nzbget/> ProxyPass http://127.0.0.1:6789/ ProxyPassReverse http://127.0.0.1:6789/ </Location> <Location /nzbhydra/> ProxyPass http://127.0.0.1:5075/ ProxyPassReverse http://127.0.0.1:5075/ </Location> <Location /sonarr/> RewriteEngine On RewriteRule /sonarr/(.*) http://127.0.0.1:8989/usenetdl/sonarr/$1 [P] ProxyPassReverse http://127.0.0.1:8989/ </Location> <Location /radarr/> ProxyPassReverse http://127.0.0.1:7878/ RewriteEngine On RewriteRule /radarr/(.*) http://127.0.0.1:7878/usenetdl/radarr/$1 [P] </Location> <Location /lidarr/> ProxyPassReverse http://127.0.0.1:8686/ RewriteEngine On RewriteRule /lidarr/(.*) http://127.0.0.1:8686/usenetdl/lidarr/$1 [P] </Location> Header set X-Content-Type-Options: "nosniff" Header set X-Frame-Options: "sameorigin"
# setsebool httpd_can_network_connect 1 -P # setsebool -P httpd_execmem 1 # semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/muximux(/.*)?' # semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/muximux' # restorecon -Rv /var/www/html/ # ls -lZ /var/www/html/ # systemctl start httpd && systemctl status httpd # systemctl enable httpd # firewall-cmd --permanent --zone=public --add-service=http # firewall-cmd --permanent --zone=public --add-service=https # firewall-cmd --reload
Achtung: Für dieses Setup werden zwei Reverse Proxies gebraucht. Dieser Proxy, den wir gerade eingerichtet haben, proxt ausschliesslich die Anfragen von zweiter Stelle (den ServiceNamen) auf das Backend. Zum proxen aller Services unter dem Sub-Verzeichniss “/usenetdl” wird der haupt Reverse Proxy (mit TLS-Termination) benötigt
Beispiel Haupt-Proxy Stanza
:
... RewriteEngine on RewriteRule ^/usenetdl$ /usenetdl/ [R] ProxyPass /usenetdl/ http://172.168.0.11/ ProxyPassReverse /usenetdl/ http://172.168.0.11/
# cd /opt/ # wget https://nzbget.net/download/nzbget-latest-bin-linux.run # sh nzbget-latest-bin-linux.run # ls -l # cd /opt/nzbget/ # ./nzbget -s # useradd --system --home-dir=/opt/nzbget nzbget # usermod -a -G usenetserver nzbget # chown -R nzbget:usenetserver /opt/nzbget # vim /etc/systemd/system/nzbget.service
[Unit] Description=NZBGet Daemon Documentation=http://nzbget.net/Documentation After=network.target [Service] User=nzbget Group=usenetserver Type=forking ExecStart=/opt/nzbget/nzbget -c /opt/nzbget/nzbget.conf -D ExecStop=/opt/nzbget/nzbget -Q ExecReload=/opt/nzbget/nzbget -O KillMode=process Restart=on-failure [Install] WantedBy=multi-user.target
# systemctl daemon-reload # systemctl start nzbget.service && systemctl status nzbget.service # systemctl enable nzbget.service # vim /opt/nzbget/nzbget.conf
... MainDir=${AppDir}/downloads ... DestDir=/mnt/blackserv/downloads/_done ... InterDir=/mnt/blackserv/downloads/intermediate ... NzbDir=/mnt/blackserv/downloads/nzb ... AuthorizedIP=127.0.0.1 ...
Der Rest von NZBget wird via Web-GUI konfiguriert
# yum groupinstall -y "development tools" # yum install -y zlib-devel openssl-devel sliteq-devel bzip2-devel python ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel expat-devel # cd /tmp/ # wget http://python.org/ftp/python/2.7.14/Python-2.7.14.tar.xz # tar xf Python-2.7.14.tar.xz # cd Python-2.7.14 # ./configure --prefix=/usr/local --enable-unicode=ucs4 --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" # make && make altinstall # /usr/local/bin/python2.7 # git clone https://github.com/theotherp/nzbhydra /opt/nzbhydra # useradd --system --home-dir=/opt/nzbhydra nzbhydra # usermod -a -G usenetserver nzbhydra # chown -R nzbhydra:usenetserver /opt/nzbhydra # ls -l /opt/nzbhydra/ # sed -e 's/"urlBase": null,/"urlBase": "\/usenetdl\/nzbhydra",/' -i /opt/nzbhydra/settings.cfg # /usr/local/bin/python2.7 /opt/nzbhydra/nzbhydra.py --daemon --nobrowser # cat /opt/nzbhydra/settings.cfg | grep /nzbhydra
"externalUrl": "https://blackgate.org/usenetdl/nzbhydra", "urlBase": "/usenetdl/nzbhydra",
# vim /etc/systemd/system/nzbhydra.service
[Unit] Description=NZBHydra Daemon Documentation=https://github.com/theotherp/nzbhydra After=network.target [Service] User=nzbhydra Group=usenetserver Type=simple ExecStart=/usr/local/bin/python2.7 /opt/nzbhydra/nzbhydra.py --nobrowser KillMode=process Restart=on-failure [Install] WantedBy=multi-user.target
# systemctl daemon-reload # systemctl start nzbhydra.service && systemctl status nzbhydra.service # systemctl enable nzbhydra.service # netstat -tulpen
# rpm --import "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF" # yum-config-manager --add-repo http://download.mono-project.com/repo/centos/ # yum install -y mediainfo libzen libmediainfo curl gettext mono-core mono-devel sqlite mono-locale-extras wget git par2cmdline p7zip unrar unzip tar gcc python-feedparser python-configobj python-cheetah python-dbus python-devel libxslt-devel # cd /tmp/ # useradd --system --home-dir=/opt/sonarr sonarr # usermod -a -G usenetserver sonarr # wget http://update.sonarr.tv/v2/master/mono/NzbDrone.master.tar.gz # tar -xvf NzbDrone.master.tar.gz # mkdir -p /opt/sonarr/bin # cp -a /tmp/NzbDrone/* /opt/sonarr/bin # chown -R sonarr:usenetserver /opt/sonarr # vim /opt/sonarr/.config/NzbDrone/config.xml
<Config> <LogLevel>Info</LogLevel> <Port>8989</Port> <UrlBase>/usenetdl/sonarr</UrlBase> <BindAddress>*</BindAddress> <SslPort>9898</SslPort> <EnableSsl>False</EnableSsl> <ApiKey>********************************</ApiKey> <AuthenticationMethod>None</AuthenticationMethod> <Branch>master</Branch> <LaunchBrowser>True</LaunchBrowser> <SslCertHash></SslCertHash> <UpdateMechanism>BuiltIn</UpdateMechanism>
# /usr/bin/mono /opt/sonarr/bin/NzbDrone.exe -nobrowser -data /opt/sonarr # vim /etc/systemd/system/sonarr.service
[Unit] Description=Sonarr Daemon After=syslog.target network.target [Service] User=sonarr Group=usenetserver Type=simple ExecStart=/usr/bin/mono /opt/sonarr/bin/NzbDrone.exe -nobrowser -data /opt/sonarr/ TimeoutStopSec=20 [Install] WantedBy=multi-user.target
# systemctl daemon-reload # systemctl start sonarr && systemctl status sonarr # systemctl enable sonarr
# cd /tmp/ # wget https://github.com/Radarr/Radarr/releases/download/v0.2.0.1480/Radarr.develop.0.2.0.1480.linux.tar.gz # tar -xvf Radarr.develop* # mkdir -p /opt/radarr/bin # useradd --system --home-dir=/opt/radarr radarr # usermod -a -G usenetserver radarr # cp -R Radarr/* /opt/radarr/bin/ # ls -l /opt/radarr/bin/ # chown -R radarr:usenetserver /opt/radarr/ # vim /opt/radarr/.config/Radarr/config.xml
<Config> <LogLevel>Info</LogLevel> <Port>7878</Port> <UrlBase>/usenetdl/radarr</UrlBase> <BindAddress>*</BindAddress> <SslPort>9898</SslPort> <EnableSsl>False</EnableSsl> <ApiKey>********************************</ApiKey> <AuthenticationMethod>None</AuthenticationMethod> <Branch>develop</Branch> <LaunchBrowser>True</LaunchBrowser> <SslCertHash></SslCertHash> <UpdateMechanism>BuiltIn</UpdateMechanism> <AnalyticsEnabled>False</AnalyticsEnabled>
# vim /etc/systemd/system/radarr.service
[Unit] Description=Radarr Daemon After=syslog.target network.target [Service] User=radarr Group=usenetserver Type=simple ExecStart=/usr/bin/mono /opt/radarr/bin/Radarr.exe -nobrowser -data /opt/radarr TimeoutStopSec=20 KillMode=process Restart=on-failure [Install] WantedBy=multi-user.target
# systemctl daemon-reload # systemctl start radarr && systemctl status radarr # systemctl enable radarr
Install / compile Cromaprint dependency: # yum install git ffmpeg ffmpeg-devel fftw taglib boost cmake cmake3 # cd /tmp/ # git clone https://bitbucket.org/acoustid/chromaprint.git # cd chromaprint/ # ls -la # cmake3 -DCMAKE_BUILD_TYPE=Release -DBUILD_TOOLS=ON . # make # make install # which fpcalc # /bin/fpcalc # cd /tmp/ # wget https://github.com/lidarr/Lidarr/releases/download/v0.4.0.524/Lidarr.develop.0.4.0.524.linux.tar.gz # tar -xvf Lidarr.develop.0.4.0.524.linux.tar.gz # ls -la Lidarr/ # mkdir -p /opt/lidarr/bin # cp -R /tmp/Lidarr/* /opt/lidarr/bin/ # ls -la /opt/lidarr/bin/ # useradd --system --home-dir=/opt/lidarr lidarr # usermod -a -G usenetserver lidarr # chown -R lidarr:usenetserver /opt/lidarr/ # vim /opt/lidarr/.config/Lidarr/config.xml
<Config> <LogLevel>Info</LogLevel> <Port>8686</Port> <UrlBase>/usenetdl/lidarr</UrlBase> <BindAddress>*</BindAddress> <SslPort>6868</SslPort> <EnableSsl>False</EnableSsl> <ApiKey>********************************</ApiKey> <AuthenticationMethod>None</AuthenticationMethod> <Branch>develop</Branch> <LaunchBrowser>True</LaunchBrowser> <SslCertHash></SslCertHash> <UpdateMechanism>BuiltIn</UpdateMechanism> <AnalyticsEnabled>False</AnalyticsEnabled>
# /usr/bin/mono /opt/lidarr/bin/Lidarr.exe -nobrowser -data /opt/lidarr CTRL + C
# vim /etc/systemd/system/lidarr.service
[Unit] Description=Lidarr Daemon After=syslog.target network.target [Service] User=lidarr Group=usenetserver Type=simple ExecStart=/usr/bin/mono /opt/lidarr/bin/Lidarr.exe -nobrowser -data /opt/lidarr TimeoutStopSec=20 KillMode=process Restart=on-failure [Install] WantedBy=multi-user.target
# systemctl daemon-reload # systemctl start lidarr.service && systemctl status lidarr.service # systemctl enable lidarr.service
Bazarr is a companion application to Sonarr and Radarr. It manages and downloads subtitles based on your requirements.
# yum install https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm # yum install unrar.x86_64 python3-pip python36-distutils-extra.noarch # cd /opt/ # git clone https://github.com/morpheus65535/bazarr.git # useradd --system --home-dir=/opt/bazarr bazarr # usermod -a -G usenetserver bazarr # chown -R bazarr: /opt/bazarr # ls -la /opt/bazarr/ # pip install -r /opt/bazarr/requirements.txt # vim /opt/bazarr/data/config/config.ini
... [general] update_restart = True movie_default_hi = False movie_default_language = [] serie_default_forced = False chmod = 0640 use_scenename = True use_postprocessing = False use_radarr = False base_url = /usenetdl/bazarr page_size = 25 ...
# /usr/bin/python /opt/bazarr/bazarr.py
CTRL + C
# vim /etc/systemd/system/bazarr.service
[Unit] Description=Bazarr Daemon After=syslog.target network.target [Service] WorkingDirectory=/opt/bazarr/ User=bazarr Group=usenetserver UMask=0002 Type=simple ExecStart=/usr/bin/python /opt/bazarr/bazarr.py TimeoutStopSec=20 KillSignal=SIGINT RestartSec=5 Restart=on-failure SyslogIdentifier=bazarr [Install] WantedBy=multi-user.target
# chown -R bazarr:usenetserver /opt/bazarr/ # systemctl daemon-reload # systemctl start bazarr && systemctl status bazarr # systemctl enable bazarr
# vim /var/www/html/muximux/settings.ini.php
<?php die('Access denied'); ?> [general] title = "Usenet Download-Server v3" branch = "master" theme = "modern" color = "#31ac63" tabcolor = "true" rssUrl = "" userNameInput = "admin" password = "muximux" [settings] branch_changed = "" sha = "" enabled = "true" default = "false" name = "Settings" url = "muximux.php" landingpage = "false" icon = "fa-cog" dd = "true" branches[develop] = "RANDOM_NUMBER" branches[experimental] = "RANDOM_NUMBER" branches[master] = "RANDOM_NUMBER" branches[parseError] = "RANDOM_NUMBER" branches[saveProblem] = "RANDOM_NUMBER" last_check = RANDOM_NUMBER branch = "" [nzbhydra] name = "NZB Hydra" url = "/usenetdl/nzbhydra/" scale = 1 icon = "muximux-nzbhydra" color = "#108f34" enabled = "true" [Sonarr] name = "Sonarr" url = "/usenetdl/sonarr/" scale = 1 icon = "muximux-sonarr" color = "#35c5f4" enabled = "true" default = "true" [423418newApplication] name = "Radarr" url = "/usenetdl/radarr/" scale = 1 icon = "muximux-sonarr" color = "" enabled = "true" [726600newApplication] name = "Lidarr" url = "/usenetdl/lidarr/" scale = 1 icon = "muximux-sonarr" color = "" enabled = "true" [NZBGet] name = "NZBGet" url = "/usenetdl/nzbget/" scale = 1 icon = "muximux-download" color = "#3f8927" enabled = "true"
Checking if all services are in the usenetserver group:
[root@rhdl03 ~]# cat /etc/group | grep usenetserver usenetserver:x:1001:nzbget,nzbhydra,radarr,sonarr,lidarr
Checking if Userhome is set to /opt:
[root@rhdl03 ~]# cat /etc/passwd | grep -e 'sonarr' -e 'radarr' -e 'lidarr' -e 'nzbget' -e 'nzbhydra' nzbget:x:996:993::/opt/nzbget:/bin/bash nzbhydra:x:995:992::/opt/nzbhydra:/bin/bash sonarr:x:994:991::/opt/sonarr:/bin/bash radarr:x:993:990::/opt/radarr:/bin/bash lidarr:x:992:989::/opt/lidarr:/bin/bash
Checking if all services are up and running:
[root@rhdl03 ~]# netstat -tulpn | grep -e 'nzbget' -e 'mono' -e 'httpd' -e 'python2.7' tcp 0 0 0.0.0.0:6789 0.0.0.0:* LISTEN 3177/nzbget tcp 0 0 0.0.0.0:7878 0.0.0.0:* LISTEN 3105/mono tcp 0 0 0.0.0.0:8686 0.0.0.0:* LISTEN 3113/mono tcp 0 0 0.0.0.0:5075 0.0.0.0:* LISTEN 3106/python2.7 tcp 0 0 0.0.0.0:8989 0.0.0.0:* LISTEN 3109/mono tcp6 0 0 :::80 :::* LISTEN 3196/httpd